This is not going to come as news to many email users, but there is now an absolute epidemic of email hacking sweeping the internet. There are several different scams crawling their way around cyberspace, but most of them center on having crooks gain access to your email account in order to steal a copy of all the names in your address book and this often includes all the names harvested from your old emails. Once the crooks know who your friends are, all of their addresses are blasted with spam emails attempting to compromise them too.
The goal of the cyber-crooks is to make a “big score” by finding something worth stealing. Some people are just incredibly unthinking about what they write in emails and when their pilfered messages are subjected to sophisticated data mining techniques by cyber criminals the emails can yield up bank or credit card numbers, and other personal information. When cross-referenced with all the information harvested from your Twitter and Facebook accounts, and of course everything your friends write about you in their Twitter and Facebook accounts, the crooks constantly find victims ripe for identity theft.
I am confident that everyone reading this is saying to themselves that “I’m careful using email, and I’m not stupid.” That is probably true, but most of us have a number of “challenged” friends who are not so technically sophisticated and who are constantly the source of spam and other problems. I know this because of the large numbers of scam emails I receive from friends and readers of this column who contact me when they are marooned in some foreign city with no money and no passport, or simply send me an email enticing me to click on a link that will take me to a malicious web site to steal my address book too.I used to call or reply to each of these people warning them their email had been hacked, but on days when I received a dozen or more of these emails I just did not have time. Reliable statistics are hard to come by, but a number of sources say that the number of hacked accounts number in the millions. I thought I was being clever when I created a program to weed out and automatically respond to all of the scam emails I received. My program automatically responded to the sender warning them their email was hacked and listing suggestions for changing their password, etc.
Far from solving my problem, what I had unintentionally done is to create an entirely new problem, referred to as the tyranny of unintended consequences. It turns out my email provider, a first-class paid service, uses some very good anti-spam software to keep their servers clean. The first time my program sent out 17 warning messages in one day it tripped some warning at my email provider and they shut down my account because it looked like I was generating some kind of spam. In one sense I suppose I was.
Ridding the internet of email scams is not easy. History has proven over and again that there are sometimes easy solutions that do work, but if the fix involves changing human behavior then it is rarely ever effective. Such is the case with the current tidal wave of email scams.
The attack vector employed by most scams involves tricking the recipient to click on a malicious link in the email. Users who fear they are going to miss out on reading a funny joke, miss seeing a bargain, or enjoying an interesting Youtube video are the ones who click on malicious links and they are the ones responsible for the current epidemic. Users who follow the rule to never, never, never, never, ever click on links in emails are safe from most email scams.
Occasional Reporter contributor Charles Miller is a freelance computer consultant with more than 20 years IT experience and a Texan with a lifetime love for Mexico. The opinions expressed are his own. He may be contacted through his web site at SMAguru.com.